Blackberry Continuing the Quest for Cybersecurity

privThe advertisements for the latest smartphones from Samsung, LG, HTC and Apple entice consumers with features like removable batteries, water resistance, longer battery life, better cameras, and sleeker designs.  Security, however, is rarely mentioned in the ads.  Blackberry is a brand name everyone recognizes, and while used almost exclusively by the government and Blackberry loyalists, few outside that realm realize the company still makes smartphones for the average consumer.  John Chen, CEO of Blackberry, is working to turn the company into an innovative cybersecurity company.  As part of that plan, the company is dabbling in more secure smart phones and has created new cybersecurity services.

Read more

Ashburn, VA: Internet Infrastructure Resilience

Internet InfrastructureWe recently published our high level summary of work done in conjunction with the Department of Homeland Security’s Regional Resiliency Assessment Program. The project was centered on the Ashburn, VA area’s Internet Infrastructure. You can read the full summary here.

Internet infrastructure is highly distributed among different private and public sector entities. Networks using TCP are highly resistant to failures when multiple paths from sender to receiver exist. TCP’s resilience has the potential to fail if a concentration of high-capacity routes between a particular sender and receiver become unavailable.

Read more

Can We Move Beyond the CAN Bus for Vehicle Networks?

ethernet-1826_960_720Securing consumer automobiles against potential cyber attacks is a research goal that has attracted a lot of attention from industry, academia, government and the media in the past few years. A number of flashy examples of car hacking have circulated around tech websites, traditional news outlets, and even local nightly news broadcasts. Perhaps the largest and most alarming of these was the remote exploit performed on a Jeep while a reporter from Wired was driving it. The researchers, Miller and Valasek, were able to exploit a zero-day (a vulnerability that Jeep wasn’t aware of at the time) in the vehicle’s infotainment system to remotely send CAN bus commands that would kill the engine or cause other nuisances. Based on this media interest and the growth of research activity, vehicle cybersecurity is a problem that a lot of people are starting to look at closely. Much of this work takes the form of, “how can we better secure the CAN bus?” However, what if instead of adding security on top of CAN, we stop using CAN altogether? The two main alternatives to the CAN bus network that have been proposed are FlexRay and Ethernet.

Read more